hello!
i use the SimpleUserFolder product and derive a MyUser class from it's
included User class, which in turn inherits from BasicUser.

Advertising

the SimpleUserFolder's User class does neither reimplement
getRolesInContext() nor allowed(). i looked at the source of
BasicUser (lib/python/AccessControl/User.py) and found out that
allowed() does not use the information provided by getRolesInContext().
i found this comment:
# Still have not found a match, so check local roles. We do
# this manually rather than call getRolesInContext so that
# we can incur only the overhead required to find a match.
so if i reimplement getRolesInContext() in MyUser, i'll probably also
have to reimplement allowed() to reflect the possibly added local roles,
right?
regards, jürgen herrmann
ps: looking at the code of allowed() i doubt that the "manual" checking
of local roles will speed this method up a lot: local roles seem to be
a seldomly used feature, the improvement in speed would only occur if
the object in question was protected by a local role (and not a normal
one). is this enough to justify duplicated code with all of it's
disadvantages)?
_______________________________________________________________________
>> XLhost.de - eXperts in Linux hosting <<
Jürgen Herrmann
Bruderwöhrdstraße 15b, DE-93051 Regensburg
Fon: +49 (0)700 XLHOSTDE [0700 95467833]
Fax: +49 (0)721 151 463027
WEB: http://www.XLhost.de
_______________________________________________
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announcehttp://mail.zope.org/mailman/listinfo/zope-dev )